RandR 1.4 X server patch series
keithp at keithp.com
Sun Dec 5 21:57:04 PST 2010
On Mon, 6 Dec 2010 06:39:02 +0100, Cyril Brulebois <kibi at debian.org> wrote:
> Keith Packard <keithp at keithp.com> (05/12/2010):
> > Here's the full patch series to add RandR 1.4 functionality to the X
> > server. This is the order in which I propose to merge the patches to
> > the X server, to make it possible to bisect the X server in the
> > future, I've added all of the functionality before adding the final
> > protocol version updates and dispatching hooks.
> (not that I can pretend reviewing anything like this for real)
> I checked that it builds successfully when patches are applied
> incrementally, assuming the missing version check gets fixed in the
> 2nd patch.
> gcc warns about that:
> | CC rrcrtc.lo
> | rrcrtc.c: In function ‘ProcRRSetCrtcConfigs’:
> | rrcrtc.c:1687: warning: ‘configs’ may be used uninitialized in this function
> I can't really see why it would think so. Looks like a warning one
> could easily silence by initializing configs to NULL.
Easy -- it can jump to 'sendReply:' early, calling RRFreeCrtcConfigs
with the uninitialized value. Good catch; I've been compiling with -O0
for debugging all weekend.
Here's a patch in my randr-1.4 branch. I'll mix that in at the right
spot with a bit of git rebase -i -fu later on.
Author: Keith Packard <keithp at keithp.com>
Date: Sun Dec 5 21:53:25 2010 -0800
ProcRRSetCrtcConfigs uses 'configs' without being initialized
If the client sends invalid data for this request, the server
will jump to 'sendReply' and call RRFreeCrtcConfigs, passing it the
uninitialized 'configs' and 'num_configs' values.
Signed-off-by: Keith Packard <keithp at keithp.com>
diff --git a/randr/rrcrtc.c b/randr/rrcrtc.c
index 97aa3d7..0fc8188 100644
@@ -1682,9 +1682,9 @@ ProcRRSetCrtcConfigs (ClientPtr client)
- RRCrtcConfigPtr configs;
+ RRCrtcConfigPtr configs = NULL;
- int num_configs;
+ int num_configs = 0;
int rc, i;
keith.packard at intel.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the xorg-devel